package cn.tedu.jdbc;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Scanner;

// Uses a precompiled (parameterized) SQL statement to prevent SQL injection.
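/**
 * Console login demo that checks credentials with a parameterized query.
 *
 * <p>The user name and password read from standard input are bound to the
 * {@code ?} placeholders of a {@link PreparedStatement}, so they are sent to
 * the database as data and never spliced into the SQL text. This is what
 * keeps input such as {@code ' OR '1'='1} from changing the query's meaning.
 */
public class JDBCLogin2 {
    /**
     * Prompts for a user name and password, looks up the matching row in
     * {@code userinfo}, and prints either a welcome message with the nickname
     * or a generic failure message.
     *
     * @param args unused
     * @throws RuntimeException wrapping any {@link SQLException} raised while
     *         connecting, preparing, or executing the query
     */
    public static void main(String[] args) {
        // The connection, statement and result set are all opened in
        // try-with-resources so each is closed even when a later step throws.
        try (Connection connection = DBUtil.getConnertion()) {
            // System.in is deliberately left open: closing the Scanner would
            // close the process-wide standard input stream.
            Scanner scanner = new Scanner(System.in);
            System.out.println("用户名:");
            String username = scanner.nextLine();
            // NOTE(review): Scanner echoes the password to the terminal;
            // java.io.Console#readPassword avoids the echo where a console
            // is available.
            System.out.println("密码:");
            String password = scanner.nextLine();

            // Precompiled SQL: each ? is a placeholder bound below, never
            // concatenated with user input.
            // NOTE(review): comparing the submitted password inside the WHERE
            // clause suggests the password column holds the password itself
            // rather than a salted hash -- confirm. Preferred design: select
            // the stored bcrypt/scrypt/argon2 hash by username only and verify
            // it in application code.
            String sql = "SELECT nickname FROM userinfo WHERE username=? AND password=?";
            try (PreparedStatement ps = connection.prepareStatement(sql)) {
                // Bind the placeholder values (JDBC parameter indexes start at 1).
                ps.setString(1, username);
                ps.setString(2, password);

                try (ResultSet r = ps.executeQuery()) {
                    if (r.next()) {
                        String nickname = r.getString("nickname");
                        System.out.println("登录成功,欢迎您:" + nickname);
                    } else {
                        // One message for both failure causes, so the output
                        // does not reveal whether the user name exists.
                        System.out.println("用户名或密码错误");
                    }
                }
            }
        } catch (SQLException e) {
            // Keep the original exception as the cause for diagnosis.
            throw new RuntimeException(e);
        }
    }
}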
